iOS 7 Beta Bug Enables Lockscreen Bypass

An iPhone user has managed a screen-lock bypass on the beta version of Apple iOS 7, which has been available since Monday.

An iPhone user in Spain who downloaded the beta version of Apple iOS 7, which was made available Monday, was able to bypass its screen-lock security feature.

The revamped mobile operating system was unveiled by the Cupertino, California technology giant last week at its annual World Wide Developers Conference in San Francisco. iOS 7 is slated for release sometime in the fall of this year, but the beta has been available all week.

After bypassing the lock screen, Jose Rodriguez recorded a video demonstrating an exploit in which he gains partial access to the phone without having to enter the screen-lock password. He then sent the video to Forbes reporter Andy Greenberg. He and Forbes video producer, Jonathan Hall, reproduced the exploit and posted their video-demo online.

From the video, it appears that new platform lets users access a wider array of features from the lock-screen than in previous versions. One of those features is the device’s calculator, which can be accessed through an up-swipe menu while the device is still locked. In the demo, Hall accesses the calculator, then runs his finger up the screen to bring the up-swipe menu back. He then accesses the phone’s camera as if to take a picture, which is possible in previous iOS versions. However, unlike previous versions, he can now access all of the photos as well. Once he has access to the individual photos he can scroll back to the full camera roll, and, according to Greenberg, access, delete, email, upload or tweet the device’s photos without knowing its passcode.

This isn’t the first time Apple has dealt with iPhone lockscreen bypass issues. In February, we wrote about a flaw in iOS 6.1 that could be exploited to bypass the screen-lock feature and access the device’s phone feature, view and edit contacts, check voicemail and look through photos. All a user needed to do was make an emergency call, cancel the call, and then trick the device into thinking it’s been turned off by holding the lock button twice. Again, later in the same month, researchers found a kernel-glitch in the same version of iOS that could also be exploited to bypass the lock-screen again.

The new operating system offers a substantial redesign with at least two interesting security features. The first is called Activation Lock, and its intent is to guard lost and stolen devices against factory resets. Apple’s iOS 5 introduced the iCloud and a feature called Find My iPhone became part of the iOS default installation. It allows users to track down the GPS location of missing devices through the iCloud and perform various functions, like locking a device, remotely wiping it, or causing it to ring and display a customized message.

Problematically, thieves often perform a factory reset on stolen devices (unless they are trying to mine the devices for data), rendering the Find My iPhone feature useless. In iOS 7 however, performing a factory reset is only possible after a user enters their Apple ID and password. The other feature is a sort of password manager called iCloud Keychain and it allows user to store (in 256-bit AES encryption) and sync passwords and credit card numbers between their various iDevices.

Screenshot from Forbes video.

Suggested articles


  • Yup on

    How is gaining access to the camera roll and the other features of Control Center the same as getting "full access to the phone without having to enter the screen-lock password"? Also, it's called beta for a reason. Talk about being desperate for readers.
    • Brian Donohue on

      My mistake. I changed full to partial access. Thanks for the close read.
  • on

    So bugs in beta products are somehow now news?
  • Doug Asker on

    I have already been evaluating iOS7 on my iPhone 5 for the last day or two. Being honest I fell somewhat tepid about the whole experience. After years of design innovation exactly why have Apple made the decision to make their OS seem like a poor relation of Microsoft’s Windows 8. On the other side it seems to have borrowed heavily from Android. Now you can swipe up to turn on/off WIFI, bluetooth, very similar to Android. In summary I enjoy: Newsstand, the built-in torch, screen transition, new compass interface and email interface. I don’t like: no bulk erase feature in the mail program, it’s still message by message deletion. The pseudo windows interface and menu movement. The settings menu is a bit of a waste land of white space. Just like an aging husband and wife I am finding more faults with it as time passes but I grow to like it the more time I spend with it.
  • Jacob Cain on

    When you find security risks in a "Beta" version of a software, you notify the creator ie Apple. Making news reports telling people in detail how to hack someone's phone to infiltrate their privacy is no better than a terrorist's advisor telling the he/she when its ok to push the button. You could have reported the issue without telling everyone how to do it. I mean come on......
  • Martin de Bes on

    Since when are Bèta releases ought to be completely safe and with no security issues. IMHO that is exactly the purpose of a Bèta version: to let a select group of customers/developers play with it, and find flaws and errors and report them. This article is however suggesting it is a mayor mistake or misstep of Apple, and that is in no way the case.
  • Marnix on

    Stil amazed nobody mentions the abelity to put the phone in airplane mode in the same pul up screen even if locked (this can be disabled in settings) Airplane mode renders where''s my iPhone useles and gives someone the ability to manipulate the phone without it beeing blocked
  • Ben on

    While being tested, has been found first bug

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.